c8649cd8109315b65acb053d8a7cc200N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8649cd8109315b65acb053d8a7cc200N
Size

26KB
MD5

c8649cd8109315b65acb053d8a7cc200
SHA1

e1a2cf8038c0aab5a255e7251f8f6ac2d147eb85
SHA256

1bc3d9018c753270ec1441468a7c4625d9bf6237f5f0480a7b9df020f1b6f0d0
SHA512

1f3c26be9d1d0718b365761dce4c7f6178abc5788e490aed72f576de285eca6ea45cf91da2c60e26a9c66753ce13a1d8dd0859ebd6ec0d3f5c99cd5d7aebd908
SSDEEP

192:0id86dnQ1HHtqzGDnrRNtmblNW6+rG15xvhwOwIn17mXOFtJkVTmNn+GBrnqLsYH:0l6d+tqqDRhG15xvnxWOFwIqMVvQL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8649cd8109315b65acb053d8a7cc200N

Files

c8649cd8109315b65acb053d8a7cc200N
.exe windows:4 windows x86 arch:x86

8b952403cd7980f20cd10a1500bc5902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CoInitialize

kernel32

RaiseException
HeapSetInformation
GetCurrentProcess
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
Sleep
TerminateProcess

advapi32

CredFree

dhcpcsvc

DhcpDeRegisterParamChange

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ